If you use sudo to issue commands as root, and have a GPG (GNU PGP installed on the system, installing BitchX from ports will change the ownership of your pubring.gpg to root, temporarily disabling GPG functionality. Also, a public key is added to the keyring without asking. Fix: The problem is under the pre-extract section in the Makefile for bitchx. The Makefile should probably ask before adding a key, but aside from that, the permission change problem might be fixed by using su in some creative way like: .if defined(SUDO_USER) @${ECHO_CMD} "===> Using Sudo to verify GnuPG signatures." su $(SUDO_USER) -c 'gpg --keyserver pgp.mit.edu --recv-key 42D1F77C' .endif Workaround: 1.) as someuser: cd ~/.gnupg sudo chown someuser pubring.gpg gpg --list-keys > gpg --list-keys gpg: WARNING: using insecure memory! gpg: please see http://www.gnupg.org/faq.html for more information /home/someuser/.gnupg/pubring.gpg --------------------------------- pub 1024D/BD8FF700 2004-01-05 Some User (bloke) <someuser@mynet.net> sub 1024g/73C489C3 2004-01-05 [expires: 2004-01-07] pub 1024D/42D1F77C 2003-04-14 Rob Andrews (BitchX FTP Site Administrator) <sin@bitchx.org> sub 2048g/7ADE46D5 2003-04-14 [expires: 2004-04-13] How-To-Repeat: 1.) install sudo 2.) configure an account "someuser". Add into group wheel. 3.) as root, install /usr/ports/security/sudo 4.) as root, add someuser as a sudoer with root access Use visudo to add the line: someuser All=(ALL) ALL under the "User privilige specification" heading 4.) as root, install and configure /usr/ports/security/gnupg 5.) as someuser, generate a gpg keypair, using: gpg --gen-key %pwd /usr/home/someuser %ls -alt .gnupg/ total 20 drwx------ 2 someuser wheel 512 Jan 4 20:59 . -rw------- 1 someuser wheel 1240 Jan 4 20:59 trustdb.gpg -rw------- 1 someuser wheel 600 Jan 4 20:59 random_seed -rw------- 1 someuser wheel 1062 Jan 4 20:59 secring.gpg -rw------- 1 someuser wheel 924 Jan 4 20:59 pubring.gpg drwxr-xr-x 3 someuser wheel 512 Jan 4 20:57 .. -rw------- 1 someuser wheel 0 Jan 4 20:57 pubring.gpg~ -rw------- 1 someuser wheel 8075 Jan 4 20:57 gpg.conf %gpg --list-keys gpg: WARNING: using insecure memory! gpg: please see http://www.gnupg.org/faq.html for more information /home/someuser/.gnupg/pubring.gpg --------------------------------- pub 1024D/BD8FF700 2004-01-05 Some User (bloke) <someuser@mynet.net> sub 1024g/73C489C3 2004-01-05 [expires: 2004-01-07] 6.) as someuser->sudo->root install /usr/ports/irc/bitchx > whoami someuser > cd /usr/ports/irc/bitchx > sudo make install clean 7. check permissions on files in ~someuser/.gnupg > ls -lat ~/.gnupg total 24 drwx------ 2 someuser wheel 512 Jan 4 21:11 . -rw------- 1 someuser wheel 1280 Jan 4 21:11 trustdb.gpg -rw------- 1 root wheel 2276 Jan 4 21:11 pubring.gpg -rw------- 1 someuser wheel 600 Jan 4 20:59 random_seed -rw------- 1 someuser wheel 1062 Jan 4 20:59 secring.gpg -rw------- 1 someuser wheel 924 Jan 4 20:59 pubring.gpg~ drwxr-xr-x 3 someuser wheel 512 Jan 4 20:57 .. -rw------- 1 someuser wheel 8075 Jan 4 20:57 gpg.conf 8.) list keys > gpg --list-keys gpg: WARNING: using insecure memory! gpg: please see http://www.gnupg.org/faq.html for more information gpg: can't open `/home/someuser/.gnupg/pubring.gpg' gpg: keydb_search_first failed: file open error
Responsible Changed From-To: freebsd-ports-bugs->arved Over to maintainer.
State Changed From-To: open->closed I have committed a work-around. Thanks for reporting.